Researcher reverse-engineers Skype, makes code available publicly

Just weeks after Microsoft announced it had acquired Skype for $8.5 billion, a Russian researcher has announced that he has successfully been able to reverse engineer the official Skype desktop implementation in an attempt to make the service open source.

Efim Bushmanov, the man behind the project, set up a Blogspot blog to post his findings and to share the binaries that he had extracted, calling for other developers to join the project and help him completely reverse engineer the software.

Bushmanov posts:

Now, most of hard things already done(for 1.x/3.x/4.x versions of skype). Including rc4 and arithmetic compression.

You have unique chance to take a look on skype internal protocol and encryption. You will see what it uses strong AES and RSA encryption with public key infrastructure.

The binaries contain a working implementation of Skype which will allow users to send a message to Skype. However, the code is based on an old version of Skype’s protocol, which the researcher says has been amended slightly in newer versions of the software.

Skype is well known for its ability to encrypt voice communications between parties, so it is very likely that Skype/Microsoft will not allow the code samples to remain available for long. It is against the Skype’s terms to reverse engineer its software but both US and European laws state that it is legal if it helps in terms of interoperability, if the technology is also not patented. Whether Skype will be able to force researcher to either remove the files or put pressure on the company hosting them is not fully known.

Despite this, the idea is to give consumers an open-platform for which they can communicate but Bushmanov isn’t anywhere near releasing a working version of the software that will replace your usual Skype application.

Google and other companies with their own video calling services will look at these files with much interest, again suggesting Skype needs to be quick if it wants to stop its competitors looking into their code and implementations of certain features.

Update: A Skyper spokesperson said the following: “This unauthorized use of our application for malicious activities like spamming/phishing infringes on Skype’s intellectual property. We are taking all necessary steps to prevent/defeat nefarious attempts to subvert Skype’s experience. Skype takes its users’ safety and security seriously and we work tirelessly to ensure each individual has the best possible experience.”